One other Chrome browser zero-day has surfaced on-line. Google has confirmed the newest Chrome zero-day bug to have caught the adversaries’ consideration earlier than a patch. So, as the newest launch fixes the vulnerability, customers should guarantee updating their units to forestall attainable exploitations.
Google Chrome Zero-Day Beneath Assault
Google has not too long ago rolled out one other main replace for its Chrome net browser. As soon as once more, the tech big has addressed a critical zero-day bug within the Chrome browser. However what makes it critical is that the agency detected energetic exploitation of the flaw within the wild.
In line with its advisory, the bug in query, a heap buffer overflow, affected WebRTC element. This vulnerability, CVE-2022-2294, first caught the eye of a safety researcher from Avast, who reported it to the agency on July 1, 2022.
Google has deemed it a high-severity vulnerability however has avoided sharing additional particulars from now. It’s a basic observe with the agency to keep away from publicly disclosing bug particulars to present ample time to the customers for patching, and to keep away from extreme exploitation.
As well as, Google has additionally patched three different vulnerabilities, two of which have been reported by exterior researchers. These embrace CVE-2022-2295, a high-severity sort confusion vulnerability affecting the V8 element. This bug first caught the eye of avaue and Buff3tts at S.S.L., who gained a $7500 bounty for reporting it to Google.
Likewise, the opposite vulnerability CVE-2022-2296, grabbed Google’s consideration following the bug report from safety researcher Khalil Zhani. It was a use after free in Chrome OS Shell. Google deemed it a high-severity vulnerability, rewarding the researcher with a $3000 bug bounty.
Google has mounted these vulnerabilities with Chrome 103.0.5060.114 for Home windows. Whereas it additionally rolled out the fixes for CVE-2022-2294 and CVE-2022-2295 with Chrome 103.0.5060.71 for Android. This up to date Chrome for Android model will arrive on Google Play Retailer shortly.
Thus, it implies that each desktop and cell customers working Chrome browsers on their units should rush to replace.
Tell us your ideas within the feedback.
